[Icecast] Securing the Icecast admin page

Damian db76 at riseup.net
Tue Jan 18 05:12:55 UTC 2022


Yeah, that’s what I thought, except f2b reads from the logs you specific, and so when I tested logging in with incorrect Icecast user credentials on my server, I could not see any lines in the Icecast access.log file to indicate that a failed login attempt was recorded. It leads me to think that f2b would not work in this instance.

> On 18 Jan 2022, at 2:35 pm, Jordan Erickson <jordan at coolmic.net> wrote:
> 
> Hi Damian,
> 
> I would think f2b would be a good candidate to take care of something like that.
> 
> 
> Cheers,
> Jordan Erickson
> 
> On 1/17/22 18:52, Damian wrote:
>> Hi to all Icecast community members,
>> 
>> I’d like to know if anyone has successfully configured fail2ban or something similar in order to provide additional security to the login section of the Icecast2 admin area, and whether it is worthwhile to actually do so?
>> 
>> If fail2ban is not the way to go, are there any recommended tools or actions that I should take. I would like to prevent repeated failed login attempts at the admin login page. I have noticed that the Icecast2 access.log does not seem to log failed attempts anyway, so I am not sure how useful fail2ban would be in this regard.
>> 
>> Damian
>> 
>> _______________________________________________
>> Icecast mailing list
>> Icecast at xiph.org
>> http://lists.xiph.org/mailman/listinfo/icecast
> 
> -- 
> Jordan Erickson
> Project Manager, Cool Mic
> https://coolmic.net/
> 



More information about the Icecast mailing list